cbac 0.6.10 → 0.7.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8c041fd3a4befc2208c468e57a7a6a49168d2bd5
+  data.tar.gz: c97a35227f58f9f04083e4e88cc1bc42e26a8e2a
+SHA512:
+  metadata.gz: 0fa615f6784d84775c61971e234ae419de6ae748ea2229b3cabfa2947c632932a488c68ee814959377cba1239289c82971d34c7aa64fbe322e2e98acecb22ff5
+  data.tar.gz: 8d2c9e5b8aa393d896d1e4803536ddafaece144cb4fbfdaa48657eb160c5c9e2cb15b61747b49a5191353deaea469f55e251285e5033b8f854e800704d74edf2

data/.gitignore

@@ -0,0 +1,4 @@
+nbproject
+pkg
+spec/support/*.sqlite3
+Gemfile.lock

data/.rspec

@@ -0,0 +1 @@
+--color

data/Gemfile

@@ -1,7 +1,3 @@
 source 'https://rubygems.org'
 
 gemspec
-
-group :release do
-  gem 'echoe'
-end

data/README.rdoc

@@ -4,8 +4,9 @@
 Easy to use, light-weight authorization system for Rails applications.
 
 == Update
-Version 0.6 contains a few major updates on the system. This is driven by the
-feature to be compliant with Rails 3
+Version 0.7 contains several updates on the system. This is driven by the
+wish to be compliant with Rails 4.2, the oldest Rails version that is
+currently under support.
 
 == FEATURES:
 - Authorize users via roles/ groups

data/Rakefile

@@ -2,7 +2,7 @@
 require 'rubygems'
 require 'rake'
 require 'rake/testtask'
-require 'rake/rdoctask'
+require 'rdoc/task'
 require 'echoe'
 require 'cbac/version'
 

data/cbac.gemspec

@@ -1,34 +1,27 @@
 # -*- encoding: utf-8 -*-
 
 Gem::Specification.new do |s|
-  s.name = "cbac"
-  s.version = "0.6.10"
+  s.name    = "cbac"
+  s.version = "0.7.0"
 
-  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Bert Meerman"]
-  s.date = "2013-01-09"
-  s.description = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
-  s.email = "bertm@rubyforge.org"
-  s.extra_rdoc_files = ["README.rdoc", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/cbac/version.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "tasks/cbac.rake"]
-  s.files = ["Gemfile", "Gemfile.lock", "README.rdoc", "Rakefile", "cbac.gemspec", "config/cbac/context_roles.rb", "config/cbac/privileges.rb", "context_roles.rb", "init.rb", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/cbac/version.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb", "privileges.rb", "rails/init.rb", "spec/cbac_authorization_check_spec.rb", "spec/cbac_pristine_file_spec.rb", "spec/cbac_pristine_permission_spec.rb", "spec/cbac_pristine_role_spec.rb", "spec/fixtures/controllers/dating/daughter_controller.rb", "spec/rcov.opts", "spec/spec.opts", "spec/spec_helper.rb", "spec/support/schema.rb", "tasks/cbac.rake", "test/fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_memberships.yml", "test/fixtures/cbac_permissions.yml", "test/fixtures/cbac_privilege_set.yml", "test/test_cbac_actions.rb", "test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_context_role.rb", "test/test_cbac_privilege.rb", "test/test_cbac_privilege_set.rb", "test/test_helper.rb", "Manifest"]
-  s.homepage = "http://cbac.rubyforge.org"
-  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Cbac", "--main", "README.rdoc"]
-  s.require_paths = ["lib"]
-  s.rubyforge_project = "cbac"
-  s.rubygems_version = "1.8.24"
-  s.summary = "CBAC - Simple authorization system for Rails applications."
-  s.test_files = ["test/test_cbac_privilege.rb", "test/test_cbac_context_role.rb", "test/test_helper.rb", "test/test_cbac_actions.rb", "test/test_cbac_privilege_set.rb", "test/test_cbac_authorize_generic_roles.rb"]
+  s.authors                   = ["Bert Meerman"]
+  s.date                      = "2016-08-15"
+  s.description               = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
+  s.email                     = "bertm@rubyforge.org"
+  s.files                     = `git ls-files`.split("\n")
+  s.homepage                  = "http://cbac.rubyforge.org"
+  s.license                   = "MIT"
+  s.rdoc_options              = ["--line-numbers", "--inline-source", "--title", "Cbac", "--main", "README.rdoc"]
+  s.require_paths             = ["lib"]
+  s.required_ruby_version     = ">= 1.9.3"
+  s.required_rubygems_version = ">= 1.8.11"
+  s.rubyforge_project         = "cbac"
+  s.summary                   = "CBAC - Simple authorization system for Rails applications."
+  s.test_files                = `git ls-files -- test/*.*`.split("\n")
 
-  if s.respond_to? :specification_version then
-    s.specification_version = 3
-
-    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_dependency("rails", ">= 3.0")
-      s.add_development_dependency("rspec-rails")
-      s.add_development_dependency("sqlite3")
-      s.add_development_dependency("database_cleaner")
-    else
-    end
-  else
-  end
+  s.add_development_dependency("database_cleaner", "~> 1.5")
+  s.add_development_dependency("rspec-rails", "~> 3")
+  s.add_development_dependency("sqlite3", "~> 1.3")
+  s.add_runtime_dependency("echoe", "~> 4")
+  s.add_runtime_dependency("rails", "~> 4.2")
 end

data/lib/cbac.rb

@@ -47,14 +47,18 @@ module Cbac
         check_privilege_sets([PrivilegeSet.sets[privilege_set.to_sym]], context)
       end
 
+      def permitted_for_generic_role?(privilege_set, context)
+        Cbac::GenericRole.joins(:generic_role_members, :permissions).exists?(
+          'cbac_memberships.user_id'  => current_user(context),
+          'cbac_permissions.privilege_set_id' => privilege_set.id
+        )
+      end
+
       # Check the given privilege_sets
       def check_privilege_sets(privilege_sets, context = {})
         # Check the generic roles
         return true if privilege_sets.any? { |set|
-          Cbac::GenericRole.joins(:generic_role_members, :permissions).exists?(
-            'cbac_memberships.user_id'  => current_user,
-            'cbac_permissions.privilege_set_id' => set.id
-          )
+          permitted_for_generic_role?(set, context)
         }
 
         # Check the context roles Get the permissions
@@ -89,8 +93,12 @@ module Cbac
       end
 
       # Default implementation of the current_user method
-      def current_user_id
-        session[:currentuser].to_i
+      def current_user_id(context = {})
+        context[:cbac_user].to_i
+      end
+
+      def current_user(context = {})
+        current_user_id(context)
       end
 
       # Load controller classes and methods

data/lib/cbac/cbac_pristine/pristine_file.rb

@@ -133,7 +133,7 @@ module Cbac
           # if not, the context role is not found by CBAC and thus will not work
 
           # this may be a context role that's already in the database
-          context_role = use_db ? PristineRole.first(:conditions => {:role_type => PristineRole.ROLE_TYPES[:context], :name => context_role_name.captures[0]}) : nil
+          context_role = use_db ? PristineRole.where(role_type: PristineRole.ROLE_TYPES[:context], name: context_role_name.captures[0]).first : nil
 
           # this may still be a context role we've seen before...
           context_role = @context_roles.select do |cr| cr.role_type == PristineRole.ROLE_TYPES[:context] and cr.name == context_role_name.captures[0] end.first if context_role.nil?
@@ -166,7 +166,7 @@ module Cbac
               return generic_cbac_role
             end
           end
-          role = use_db ? PristineRole.first(:conditions => {:role_type => PristineRole.ROLE_TYPES[:generic], :name => generic_role.captures[0]}) : nil
+          role = use_db ? PristineRole.where(role_type: PristineRole.ROLE_TYPES[:generic], name: generic_role.captures[0]).first : nil
 
           if role.nil?
             role = PristineRole.new do |role|

data/lib/cbac/cbac_pristine/pristine_permission.rb

@@ -11,7 +11,7 @@ module Cbac
       belongs_to :pristine_file, :class_name => "Cbac::CbacPristine::AbstractPristineFile"
 
       def privilege_set
-        Cbac::PrivilegeSetRecord.first(:conditions => {:name => privilege_set_name})
+        Cbac::PrivilegeSetRecord.where(name: privilege_set_name).first
       end
 
       def operation_string
@@ -48,25 +48,38 @@ module Cbac
       # checks if the current cbac permissions contains a permission which is exactly like this one
       def cbac_permission_exists?
         if pristine_role.role_type == PristineRole.ROLE_TYPES[:context]
-          Cbac::Permission.count(:joins => [:privilege_set], :conditions => {:cbac_privilege_set => {:name => privilege_set_name}, :context_role => pristine_role.name}) > 0
+          Cbac::Permission.joins(:privilege_set).where('cbac_privilege_set.name = ?', privilege_set_name).where(context_role: pristine_role.name).count > 0
         else
-          Cbac::Permission.count(:joins => [:generic_role, :privilege_set], :conditions => {:cbac_privilege_set => {:name => privilege_set_name}, :cbac_generic_roles => {:name => pristine_role.name}}) > 0
+          Cbac::Permission.joins(:generic_role, :privilege_set).where('cbac_privilege_set.name = ?', privilege_set_name).where('cbac_generic_roles.name' => pristine_role.name).count > 0
         end
       end
 
       # checks if a pristine permission with the same properties(except line_number) exists in the database
       def exists?
-        Cbac::CbacPristine::PristinePermission.count(:conditions => {:privilege_set_name => privilege_set_name, :pristine_role_id => pristine_role_id, :operation => operation}) > 0
+        Cbac::CbacPristine::PristinePermission.where(
+          privilege_set_name: privilege_set_name,
+          pristine_role_id: pristine_role_id,
+          operation: operation)
+        .count > 0
       end
 
       # checks if a pristine permission with the exact same properties(except line_number), but the reverse operation exists in the database
       def reverse_exists?
-        Cbac::CbacPristine::PristinePermission.count(:conditions => {:privilege_set_name => privilege_set_name, :pristine_role_id => pristine_role_id, :operation => reverse_operation}) > 0
+        Cbac::CbacPristine::PristinePermission.where(
+          privilege_set_name: privilege_set_name,
+          pristine_role_id: pristine_role_id,
+          operation: reverse_operation)
+        .count > 0
       end
 
       # delete the pristine permission with the reverse operation of this one
       def delete_reverse_permission
-        reverse_permission = Cbac::CbacPristine::PristinePermission.first(:conditions => {:privilege_set_name => privilege_set_name, :pristine_role_id => pristine_role_id, :operation => reverse_operation})
+        reverse_permission = Cbac::CbacPristine::PristinePermission.where(
+          privilege_set_name: privilege_set_name,
+          pristine_role_id: pristine_role_id,
+          operation: reverse_operation)
+        .first
+
         reverse_permission.delete
       end
 
@@ -86,7 +99,10 @@ module Cbac
 
       # checks if the known_permissions table has an entry for this permission
       def known_permission_exists?
-        Cbac::KnownPermission.count(:conditions => {:permission_type => pristine_role.known_permission_type, :permission_number => line_number}) > 0
+        Cbac::KnownPermission.where(
+          :permission_type   => pristine_role.known_permission_type,
+          :permission_number => line_number
+        ).count > 0
       end
 
       # accept this permission and apply to the current cbac permission set
@@ -120,8 +136,8 @@ module Cbac
         if pristine_role.role_type == PristineRole.ROLE_TYPES[:context]
           permission.context_role = pristine_role.name
         else
-          generic_role = Cbac::GenericRole.first(:conditions => {:name => pristine_role.name})
-          permission.generic_role = generic_role.nil? ? Cbac::GenericRole.create(:name => pristine_role.name, :remarks => "Autogenerated by Cbac loading / upgrade system") : generic_role
+          generic_role = Cbac::GenericRole.where(name: pristine_role.name).first
+          permission.generic_role = generic_role || Cbac::GenericRole.where(name: pristine_role.name, remarks: "Autogenerated by Cbac loading / upgrade system").create
         end
 
         register_change if permission.save
@@ -178,7 +194,7 @@ module Cbac
 
       # clear the staging area of all generic pristine permissions
       def self.delete_generic_permissions
-        generic_staged_permissions = all(:joins => :pristine_role, :conditions => ["cbac_staged_roles.role_type = ?", PristineRole.ROLE_TYPES[:generic]])
+        generic_staged_permissions = joins(:pristine_role).where("cbac_staged_roles.role_type = ?", PristineRole.ROLE_TYPES[:generic])
         generic_staged_permissions.each do |permission|
           delete(permission.id)
         end
@@ -186,18 +202,18 @@ module Cbac
 
       # clear the staging area of all non generic permissions
       def self.delete_non_generic_permissions
-        staged_permissions = all(:joins => :pristine_role, :conditions => ["cbac_staged_roles.role_type != ?", PristineRole.ROLE_TYPES[:generic]])
+        staged_permissions = joins(:pristine_role).where("cbac_staged_roles.role_type != ?", PristineRole.ROLE_TYPES[:generic])
         staged_permissions.each do |permission|
           delete(permission.id)
         end
       end
 
       def self.count_generic_permissions
-        count(:joins => :pristine_role, :conditions => ["cbac_staged_roles.role_type = ?", PristineRole.ROLE_TYPES[:generic]])
+        joins(:pristine_role).where("cbac_staged_roles.role_type = ?", PristineRole.ROLE_TYPES[:generic]).count
       end
 
       def self.count_non_generic_permissions
-        count(:joins => :pristine_role, :conditions => ["cbac_staged_roles.role_type != ?", PristineRole.ROLE_TYPES[:generic]])
+        joins(:pristine_role).where("cbac_staged_roles.role_type != ?", PristineRole.ROLE_TYPES[:generic]).count
       end
     end
   end

data/lib/cbac/cbac_pristine/pristine_role.rb

@@ -33,7 +33,7 @@ module Cbac
       end
 
       def self.admin_role(use_db = true)
-        admin_role =  use_db ? PristineRole.first(:conditions => {:role_type => PristineRole.ROLE_TYPES[:admin]}) : nil
+        admin_role =  use_db ? PristineRole.where(role_type: PristineRole.ROLE_TYPES[:admin]).first : nil
 
         admin_role || PristineRole.new do |role|
           role.role_id = 1

data/lib/cbac/generic_role.rb

@@ -1,6 +1,5 @@
 class Cbac::GenericRole < ActiveRecord::Base
   self.table_name = "cbac_generic_roles"
-  attr_accessible :remarks, :name
 
   has_many :generic_role_members, :class_name => "Cbac::Membership", :foreign_key => "generic_role_id"
   has_many :permissions, :class_name => "Cbac::Permission", :foreign_key => "generic_role_id"

data/lib/cbac/known_permission.rb

@@ -6,10 +6,10 @@ class Cbac::KnownPermission < ActiveRecord::Base
   @@PERMISSION_TYPES = {:context => 0, :generic => 1}
 
   def self.find_context_permissions(conditions = {})
-    all(:conditions => conditions.merge(:permission_type => @@PERMISSION_TYPES[:context]))
+    where(conditions.merge(:permission_type => @@PERMISSION_TYPES[:context])).all
   end
 
   def self.find_generic_permissions(conditions = {})
-    all(:conditions => conditions.merge(:permission_type => @@PERMISSION_TYPES[:generic]))
+    where(conditions.merge(:permission_type => @@PERMISSION_TYPES[:generic])).all
   end
 end

data/lib/cbac/privilege.rb

@@ -88,7 +88,8 @@ class Privilege
     def select(controller_method, action_type)
       action_type = action_type.to_s
       post_methods = ["post", "put", "delete", "patch"]
-      if action_type == "get"
+      get_methods = ["get", "head"]
+      if get_methods.include? action_type
         privilege_sets = Privilege.get_resources[controller_method]
       else if post_methods.include?(action_type)
           privilege_sets = Privilege.post_resources[controller_method]

data/lib/cbac/privilege_set.rb

@@ -19,7 +19,7 @@ class Cbac::PrivilegeSet
       # check for double creation
       raise ArgumentError, "CBAC: PrivilegeSet was already defined: #{symbol.to_s}" if @sets.include?(symbol)
       # Create record if privilege set doesn't exist
-      record = Cbac::PrivilegeSetRecord.find_or_create_by_name(symbol.to_s)
+      record = Cbac::PrivilegeSetRecord.find_or_create_by(name: symbol.to_s)
       record.set_comment(comment)
       record.save
 

data/lib/cbac/version.rb

@@ -1,3 +1,3 @@
 module Cbac
-  VERSION = '0.6.7'
+  VERSION = '0.7.0'
 end

data/lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb

@@ -10,13 +10,13 @@ class Cbac::GenericRolesController < ApplicationController
   # POST /update
   def update
     @role = Cbac::GenericRole.find(params[:id])
-    @role.update_attributes(params[:cbac_generic_role])
+    @role.update_attributes(role_params)
     redirect_to :action => "index"
   end
 
   # POST /create
   def create
-    @role = Cbac::GenericRole.new(params[:cbac_generic_role])
+    @role = Cbac::GenericRole.new(role_params)
     @role.save
     redirect_to :action => "index"
   end
@@ -27,4 +27,9 @@ class Cbac::GenericRolesController < ApplicationController
     @role.delete
     redirect_to :action => "index"
   end
+
+  private
+  def role_params
+    params.required(:cbac_generic_role).permit(:name, :remarks)
+  end
 end

data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb

@@ -5,7 +5,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
         t.integer :generic_role_id, :default => 0
         t.string :context_role
         t.integer :privilege_set_id
-        t.timestamps
+        t.timestamps null: false
       end
     end
 
@@ -13,7 +13,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
       create_table :cbac_generic_roles do |t|
         t.string :name
         t.text :remarks
-        t.timestamps
+        t.timestamps null: false
       end
     end
 
@@ -21,7 +21,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
       create_table :cbac_memberships do |t|
         t.integer :user_id
         t.integer :generic_role_id
-        t.timestamps
+        t.timestamps null: false
       end
     end
 
@@ -29,7 +29,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
       create_table :cbac_privilege_set do |t|
         t.string :name
         t.string :comment
-        t.timestamps
+        t.timestamps null: false
       end
     end
 
@@ -37,7 +37,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
       create_table :cbac_pristine_files do |t|
         t.string :type
         t.string :file_name
-        t.timestamps
+        t.timestamps null: false
       end
     end
 
@@ -49,7 +49,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
         t.integer :line_number
         t.string :comment
         t.text :operation, :limit => 2
-        t.timestamps
+        t.timestamps null: false
       end
     end
 
@@ -58,7 +58,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
         t.string :role_type
         t.string :name
         t.integer :role_id
-        t.timestamps
+        t.timestamps null: false
       end
     end
 

data/lib/generators/cbac/copy_files/tasks/cbac.rake

@@ -16,7 +16,7 @@
 
 # Get a privilege set that fulfills the provided conditions
   def get_privilege_set(conditions)
-    Cbac::PrivilegeSetRecord.first(:conditions => conditions)
+    Cbac::PrivilegeSetRecord.where(conditions).first
   end
 
 # Get a Hash containing all entries from the provided table

data/migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb

@@ -3,7 +3,7 @@ class AddPristineFilesToCbacUpgradePath < ActiveRecord::Migration
     create_table :cbac_pristine_files do |t|
       t.string :type
       t.string :file_name
-      t.timestamps
+      t.timestamps null: false
     end
 
     add_column :cbac_staged_permissions, :pristine_file_id, :integer

data/spec/cbac_authorization_check_spec.rb

@@ -40,29 +40,28 @@ describe Cbac do
           :controller => "dating/daughter_controller",
           :action => "take_to_dinner"
         }
+        allow(@controller).to receive(:current_user).and_return(nil)
       end
 
       context "and the contextual requirements are fulfilled" do
         before :each do
-          ideal_son_in_law = mock('user', :brought_flowers? => true)
-          @controller.stub(:candidate).and_return(ideal_son_in_law)
+          ideal_son_in_law = double('user', :brought_flowers? => true)
+          allow(@controller).to receive(:candidate).and_return(ideal_son_in_law)
         end
 
         specify "the action is invoked" do
-          @controller.authorize.should == true
+          expect(@controller.authorize).to be_truthy
         end
       end
 
       context "and the contextual requirements are not fulfilled" do
         before :each do
-          some_punk = mock('user', :brought_flowers? => false)
-          @controller.stub(:candidate).and_return(some_punk)
+          some_punk = double('user', :brought_flowers? => false)
+          allow(@controller).to receive(:candidate).and_return(some_punk)
         end
 
         specify "the action is blocked" do
-          @controller.should_receive(:unauthorized)
-
-          @controller.authorize
+          expect(@controller.authorize).to be_falsey
         end
       end
     end